At 01:34:03 Eastern Time (US), 3 July 2006, my Norton Internet Security reported:

Details: Attempted Intrusion "ICC Profile TagData Overflow" against your machine was detected and blocked
Intruder: entmoot.tolkientrail.com(204.11.53.191)(http(80))
Risk Level: High
Protocol: TCP
Attacked IP: localhost.
Attacked Port: 3212

Symantec describes the problem here: http://www.symantec.com/avcenter/attack_sigs/s21196.html.
Norton then shut off Entmoot for 30 minutes.

Microsoft describes the attack in “MS05-036: Vulnerability in Microsoft Color Management Module could allow remote code execution,” http://support.microsoft.com/?kbid=901214.

Anyone have any insight here?

This is out of my league, but I've waved a flag in the mod forum - so hopefully one of our more tech-minded admins can follow-up on it.

Thanks for letting us know.

It could be a 'ping' which many sites use; not quite a cookie but an identifing tool.

Two yrs. ago I had a heavy duty protection on my computer and I'd get this kind of thing several times a day. It was so annoying I finally wrote to one of the companies reported and got back a very nice and detailed reply explaining what was happening and that no intrusion nor attempt at access was being done but rather just an identification and routing tool.

There, that's my input. :)

P.S. I have Norton and haven't gotten any similar messages since installing the program.

Entmoot's trying to hack my computer?? :eek:

:p ;)
I know you'd never do that to me...would you?

i would agree with spock. it was probably the "remember me" feature, which is a cookie, if not just cookie-like, because when i once deleted all cookies, i had to re-sign in...

sounds remarkably like the 'chocolate-chip' worm ...